As the digital transformation of society and industries further accelerates, the rise of security breaches and intrusions continues. Supply chain security risks are increasing with cybercriminals gaining access through unauthorized software related to procurements, maintenance and operations of network devices and ICT infrastructures. Organizations are faced with the challenge of detecting and reducing security risks across the supply chain before they bring on world-wide havoc based on severe security incidents. Then there’s also the matter of that how to trust their products and services between suppliers and customers. Is there a way to secure shared system configurations and network devices?.
NTT and NEC are creating a more trusted and secure supply chain network through a new security transparency assurance innovation.
Decentralization increases the risk of malicious software and hardware vulnerabilities, making it harder to gain visibility and inspect computer devices spread across multiple locations
Research and development have been done to discover new ways to analyze the software configuration of telecommunication equipment and a backdoor inspection technology for detecting illegal functions in software. This new technology works in three ways:
It means we can now inspect communications equipment from afar and match device-specification data with operation data to detect out-of-spec behavior. The team has achieved this type of detection by directly analyzing the binary code inside a device. The new technology will allow for more versatile, secure, and high-performance networks of software and hardware supplied by multiple vendors to become the next generation of communication devices.
Customers can quickly check the presence of suspicious components by referring to the device information during its product lifecycle (e.g., designing, producing, procurement, installation and operation), and suppliers can explain the risk of contamination with unauthorized components more objectively. Also, customers will be able to take faster action by identifying risks and impacts using specific device information once a new software vulnerability is found.
NTT and NEC began working together in June 2020 on joint research and development to support the global rollout of new ICT products on IOWN. We are planning to carry out technical validation studies using this technology to verify the effectiveness of each elemental technology and identify issues. More partners, including communication device vendors, system integrators and user companies, will be needed to construct and operate our vision of more trusted networks and more secure supply chains.